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[57] ABSTRACT 

A system and method for automatically securely generating 
and programming an MS and SAMS with the sensitive 
authentication information while significantly reducing the 
risk of misappropriation of the sensitive authentication 
information. The risk of misappropriation is reduced since 
the sensitive authentication information (or other sensitive 
information) need not be pre-programmed into the MS, or if 
it is pre-programmed, the sensitive authentication informa- 
tion can be re-programmed, thereby reducing the potential 
access to the information by unauthorized people before the 
MS is sold. In addition, the risk of misappropriation is 
reduced since the generation and programming system and 
method is performed automatically using a secured commu- 
nication technique. 
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AUTHENTICATION KEY MANAGEMENT signaling protocol is described in greater detail in the 

SYSTEM AND METHOD Telecommunications Industry Association/ Electronic 

Industries Association (TIA/EIA), Interim Standard IS-41- 

RELATED APPLICATIONS B, Electronic Industries Association, December 1991 that is 

5 incorporated by reference herein in its entirety. The IS-41C 

This application is related to co-pending U.S. patent signaling protocol is described in greater detail in the 

application Ser. No. 08/642,215, filed by Michael D. Gal- TIA/EIA, Interim Standard IS-41-C, Cellular Radio- 

lagher et al. on 06 May 1996, entitled "System and Method Telecommunications Intersystem operations, February 1996 

for Authenticating Cellular Telephonic Communication", that is incorporated by reference herein in its entirety. The 

now U.S. Pat. No. 5,799,084, and co-pending U.S. patent home system includes an MSC/VLR 106C and a home 

application Ser. No, 08/672,662, filed by Michael Gallagher location register (HLR) llOB having a profile of the sub- 

et al. on 28 Jun. 1996, entitled "A Signaling Gateway scriber (registered user) of the MS 102. A subscriber profile 

System and Method", pending, and co-pending U.S. patent includes a copy of the unique MS identifier and indications 

application Ser. No. 08/791,992, filed by Yick Man Chan et of the type of services available to the subscriber, e.g., call 

al. on 31 Jan. 1997, entiUed "Secure Authentication-Key forwarding and multi-party calUng. One purpose of regis- 

Management System and Method for Mobile tering the MS 102 with the home system is to enable the 

Communications", all of which are incorporated by refer- MSC/VLR 106A to charge the home system so that the 

ence herein in their entirety. home system can charge the owner of the MS 104 for the 

cost of the call on the cellular network. If the unique MS 

BACKGROUND OF THE INVENTION identifier matches a stored identifier in the home system, 

1 Field of the Invention ^^^^ home system transmits a registration signal to the 

^ , . , , 11 + f MSC/VLR 106A and the user of the MS 102 is then 

The present mvention relates generally to the field of -^^ j . n . * , 

, J .-ii.^i.cijr permitted to use the cellular network. 

communication systems and more particularly to the field of ^ „ , , . , . ^ , . . 

aulhenticatioD of cellular telephone communication. P^°''^<"" ^* conventional mobile communication 

^ ^ , . ^ „ , , , 25 systems occurs when the first system illustrated in FIG. 1 

2. Descnption of Background Art ^^^^^^ ^ ^^^^^^^^^ ^ j^^^^^ ^1^^^ ^ compatible with the 

In recent years the use of cellular telephones and cellular protocol supported by the second system, e.g., IS-41B, but 

communications systems has significantly increased. Many the first system offers more features to the user, e.g., authen- 

of the eariy communication systems were based upon analog tication. In conventional systems, the MS 102 can not take 

technology, e.g., the advanced mobile phone system 30 advantage of the additional features offered by the first 

(AMPS). In recent years the protocols used by some of these system when traveling through the area supported the first 

analog systems have been modified to add features, e.g., call system. For example, a significant problem with current 

forwarding and authentication. FIG. 1 is an illustration of a cellular networks is fraud. Specifically, the signal between 

conventional cellular communication network. The commu- the MS 102 and the BS 104A can be intercepted by an 

nication network includes a mobile station (MS) 102, e.g., a 35 unauthorized source. The unauthorized source can deter- 

cellular telephone that is commercially available firom mine the unique MS identifier included in the intercepted 

Motorola Corporation. The MS 102 transmits an electro- signal and can then program a fraudulent MS to transmit the 

magnetic signal to and receives an electromagnetic signal intercepted MS identifier. As a result, the unauthorized 

from a base station (BS) 104 via the air. In FIG. 1, the BS source utilizes the cellular network and the cost of this use 

104 is communicating with a first system, e.g., an IS-41C/ ^ is charged to the subscriber whose MS identifier was inter- 

AMPS system. TypicaUy, a BS 104 is a tower having an cepted. Some estimates of the monetary losses fi-om this type 

antenna and a transceiver. of fraud range from $2 million to $3 million per day, as of 

Tlie MS 102 communicates with a BS 104 whose physical 1996. Fraud typically occurs more frequently in larger cities, 

location is near the MS 102. Currently, there are thousands Accordingly, many system providers in the larger cities have 

of BS's 104 in the United States. Some of the functions 45 upgraded the signaling protocol in order to include an 

performed by each BS 104B include converting the received authentication feature. For example, the IS-41C signaling 

electromagnetic signal into an electrical signal, assigning a protocol supports authentication while the IS-41A and 

voice channel to the MS 102, and paging an MS 102. The BS IS-41B signaling protocols do not support authentication. 

104 transmits a signal representing a unique MS identifier to Conventional systems do not permit an MS 102 to utilize the 

a mobile switching center (MSC) using a signaling protocol 50 authentication capabilities (or other additional features) of 

supported by the MSC. Frequently, in the AMPS system, the IS-41C signaling protocol while traveling through an 

each MSC/VLR 106A-B and its associated BS's 104A-B area supported by the first system if the home system does 

are provided by a single manufacturer, e.g.. Motorola Corp. not support authentication (or other additional features), e.g., 

Accordingly, a proprietary interface protocol is frequently if the home system only supports the IS-41B signaling 

used to communicate between the BSs 104A-B and the 55 protocol. 

MSC 106A-B. Frequently, the MSC includes a visitor The authentication standards developed by the TIA, for 

location register (VLR) and together are illustrated in FIG. example the TSB51, are described in TIA/EIA, Telecom- 

1 as an MSC/VLR 106. Cunendy, there are hundreds of munications System BuUetin - TSB51, Cellular Radiotele- 

MSC/VLRs 106 in the United States. communications: Authentication, Signaling Message 

The MSC/VLR 106 A identifies the home system, e.g., 60 Encryption and Voice Privacy, May 1993, that is incorpo- 

system 2, of the MS 102 and transmits a signal through a rated by reference herein in its entirety, and the TTAIS-41-C. 

signaling network 108, e.g., the signaling system 7 (SS7) The TIA air interface standards are: IS-54-B that is described 

which is a standard telecommunication signaling system, to in TIA/EIA, Interim Standard IS-54-B, Cellular System 

the home system for the purpose of registering the MS 102 Dual-Mode Mobile Station-Base Station Compatibility 

using a signaling protocol supported by the MSC/VLR 106 A 65 Standard, April 1992; IS -88, described in TIA/EIA, Interim 

and the home system. Two such signaling protocols are the Standard IS -88, Mobile Station-Land Station Compatibility 

IS-41B and the IS-41C signaling protocol. The IS-41B Standard for Dual-Mode Narrowband Analog Cellular 
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Technology, January, 1993; IS-91, described in TIA/EIA of the service provider and transmitting only non-sensitive 
Interim Standard IS-91, Mobile Station - Base Station Com- authentication information to the AC, for providing a secure 
patibility Standard for 800 MHz Analog Cellular, October, technique for generating sensitive authentication inform a- 
1994; IS -95 -A, described in TIA/EIA, Interim Standard tion and for securely transmitting to and storing the infor- 
IS-95-A, Mobile Station Base Station Compatibility Stan- 5 mation in the mobile system (MS) and a storage device 
dard for Dual-Mode Wideband Spread Spectrum Cellular controlled by the service provider, for enabling a mobile 
Systems, May, 1995; and IS-136, described in TIA/EIA, station to utilize features supported by the visited system 
Interim Standard IS-136, 800 MHz TDM A Cellular - Radio even if the MS home system does not support the feature. 
Interface - Mobile Station - Base Station Compatibility, The present invention utilizes a secure authentication 
December, 1994, that are all incorporated by reference center (SAC) and a secure A-key management system 
herein in their entirety. In addition, a more detailed descrip- (SAMS) to perform authentication. The SAC can be posi- 
tion of the SS7 network is described in the American tioned locally in a home system, or it can be centrally 
National Standards Institute, Inc. (ANSI), American located, for example, between systems. The SAC can be 
National Standard for Telecommunications, Signaling Sys- connected to many SAMS. Each SAMS stores sensitive 
tcm Number 7 (SS7) - General Information; Exchange authentication information for a group of MS's. During 
Carriers Standards Association Committee T1;T1. 111-1992 authentication, the SAC generates a request signal to the 
which is incorporated by reference herein in its entirely. appropriate SAMS which generates a unique signal based 
A second problem with conventional mobile communi- upon the secret authentication data and other data stored 
cation systems when authentication capability is provided is therein. However, the sensitive authentication data is not 
that sensitive authentication information, e.g., the authenti- sent to the SAC. The SAC performs authentication using the 
cation key (A-key), is accessible by an AC system admin- 20 unique signal transmitted by the SAMS. The present inven- 
istrator or other network entity. It would be preferable to tion enables a service provider to Hmit access to the sensitive 
increase the security of the mobile communication system authentication information by limiting the location of the 
by limiting access to such sensitive authentication informa- sensitive authentication information to the SAMS and the 
tion only to the MS service provider such that the AC system MS. The centralized SAC can be used with many SAMS 
administrator or other network entity, who may not be 25 without having access to the sensitive authentication infor- 
direcdy associated with the MS service provider, does not mation. 

have access to the sensitive authentication information. The present invention is also a system and method for 

However, in conventional mobile communication systems automatically securely generating and programming an MS 

the AC requires access to the sensitive authentication infor- and SAMS with the sensitive authentication information 

mation when performing MS authentication and, therefore, while significantly reducing the risk of misappropriation of 

the sensitive authentication information can be available to the sensitive authentication information. The risk of misap- 

non-MS service providers. propriation is reduced since the sensitive authentication 

A third problem with conventional mobile communica- information (or other sensitive information) need not be 

tion systems is that if the sensitive authentication pre-programmed into the MS, or if it is pre-programmed, the 

information, e.g., the A-key, is pre-programmed in the MS sensitive authentication information can be re-programmed, 

102, it must be transmitted to the AC in the home system thereby reducing the potential access to the information by 

before activating the MS 102. This presents several security unauthorized people before the MS is sold. In addition, the 

concerns. For example, if the A-key is pre-programmed into misappropriation is reduced since the generation and 

the MS 102, the value of the A-key must be sent to the home ^ling system and method is performed automati- 

system before activating the MS 102. In conventional sys- ^ ^^^^^^ communication technique, 

terns the value of the A-key is either transmitted 40 ^ 

electronically, e.g., via a data network, or is written and sent BRIEF DESCRIPTION OF THE DRAWINGS 

to the service provider. These techniques are not secure since j ^ ^ illustration of an example of a cellular 

they utihze a person at one or both ends that obtam access ^^^^^^^ ^ j including a signaling network coupled 

to the sensitive authentication information. For example, if ^J^. „J!r^^ a ^Z^^..Z^^*:^Z 

^„ . ,j , . 1 . . c.i i^jTcy . J between iirst and second communication systems, 

an MS 102 is sold at a retail store, part of the MS activation 45 ^.^^ - . .„ . r 1 i- 1 

process (when the service provider provides an authentica- 2 is an illustration of an example of a cellular 

tion procedure) requires that the A-key be sent from the topology havmg a local authentication system in 

service provider to the retaU store for programming into the one system having an A-key management system according 

MS 102. This can mean that the retail clerk obtains access to one embodiment of the present invention, 

to the sensitive authentication information. What is needed FIG. 3 is an illustration of an example of a cellular 

is a more secure technique for transmitting sensitive authen- network including a signaling gateway disposed between the 

tication information between the service provider and the first and second systems, the signaling gateway coupled to 

MS 102. several A-key management systems that are controlled by a 

Accordingly, what is needed is a system and method for service provider according to the preferred embodiment of 

(1) enabling sensitive authentication information to be under the present invention. 

the control of the service provider and transmit only non- pjc. 4 is a more detailed Ulustration of the authentication 

sensitive authentication information to the AC; (2) providing center and the A-key management system according to the 

a secure technique for generating sensitive authentication preferred embodiment of the present invention, 

information and for securely transmitting to and storing the _ . j . -i j -n * *• r *u a 1 

. r . ^jfc -rt^-^ t * * J ■ . 11 J FIG. 5 is a more detailed illustration of the A-key man- 

inrormation in the MS 102 and a storage device controlled ^ ^ j .1. * 1 j- * u *• * • 1 j- 
. ^, . , /-X ui* u-1 « 4' * fin agement system and the A-key distnbution system mcludmg 

by the service provider; and (3) enabling a mobile station to , , j- . .t. c ^ 

r i . J • J 4. the automatic A-key programmer, according to the preferred 

utilize features supported by the visited system, e.g., , . r . • \- 

authentication, even if the MS home system does not support ^^nbodiment of the present mvention 

the feature illiistration of a mobile system according to 

the preferred embodiment of the present invention. 
SUMMARY OF THE INVENTION ^5 pi^. 7 is a flowchart illustrating the process of securely 

The invention is a system and method for enabling and automatically programming an A-key into a mobile 

sensitive authentication information to be under the control system. 
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FIG. 8 is a flow chart illustrating an authentication process in the cellular communication session, the MSCA^LR 302 of 

for a local SAC-SAMS topography according to the pre- the visited system communicates with the HLR 310B of the 

ferred embodiment of the present invention. home system. However, the protocol utilized by the visited 

FIG. 9 is a more detaHed illustration of the signahng ^yst^m, e.g., the IS-41C protocol, and the protocol utilized 

gateway/SAC system according to the preferred embodi- s by the home system, e.g., the IS-41B protocol, may not be 

ment of the present invention. compatible or the protocols can be compatible but the 

T7Tr> in • a u _* -11 « *u r *L protocol supported by the home system may not support all 

FIG. 10a is a liowchart lUustratmg the process of the ^ j . 11^1.., 

T , . . . • 1 r • -4 J of the features supported by the protocol used by the visited 

signaling gateway when receiving a signal from a visited ^ L *- j.. 

J' ^ c J u J • . f .1. . system. For example, authentication is supported by the 

system according to the preferred embodiment of the present to^^^ . n. - jl, ^^a^t^ 1 

invention » ^ 10 lS-41 C protocol but is not supported by the IS-41B protocol. 

^' , . „ . , , ^ . In the present invention a signaling gateway, e.g., a gateway/ 

FIG. 106 IS a flowchart illustraling the process of the gAC system 303 is coupled to the SS7 signaling network 

signaling gateway when receiving a signal from a home ^oS. The signaUng gateway 303 receives sienals transmitted 

system according to the preferred embodiment of the present ^^e home system's HLR 310B and signals transmitted by 

mvention. MSCA^LR 302A-B of the visited system, A benefit of 

FIG. 11 is an example of a registration signaling process this configuration is that the signaling gateway is located 

including authentication according to one embodiment of outside of both the visited system and the home system and, 

the present invention. therefore, can be utilized by many systems as opposed to 

DETAILED DESCRIPTION OF THE ^^^^ system in which it is located. However, since many 

PREFERRED EMBODIMENTS ^ accordingly, many service providers, can uti- 

hze the features of the signaling gateway, e.g., the authen- 

A preferred embodiment of the present iovention is now tication feature, the service providers may not be able to 

described with reference to the figures where like reference ensure the security of the sensitive authentication informa- 

numbers indicate identical or functionally simUar elements. tion since they do not maintain control over the administra- 

Also in the figures, the left most digits of each reference 25 tors of the signaling gateway 303 who have access to the 

number correspond to the figure in which the reference sensitive authentication information, e.g., the A-key, in 

number is first used. conventional communication systems. 

FIG. 2 is an illustration of an example of a cellular The present invention permits each service provider to 

network topology having an authentication system, e.g., a maintain sensitive authentication information in a SAMS 

secure authentication system (SAS) 202, in one mobile 30 204 that can be solely under the control of the service 

system, having a secure A-key management system (SAMS) provider. Each service provider can maintain a separate 

204 and a secure authentication center (SAC) 206, that are SAMS 204 that can be coupled to the signaling gateway 303, 

commercially available from Synacom Technology, Inc., The operation of the gateway/SAC system 303 and the 

San Jose, Calif., according to one embodiment of the present SAMS is described in greater detail below. In an alternate 

invention. The SAC 206 can be part of the SAS 202 or the 35 embodiment, signaling gateway/SAC systems 303 can be 

HLR HOB. The SAC 206 and the SAMS 204 are described coupled directly to any or all of the communication systems, 

in greater detail below. The SAMS 204 is a device that stores i.e., a signaling gateway/SAC system 303 can be positioned 

sensitive authentication information, e.g., an authentication between the signaling network 108 and each system. The 

key (A-key), whose access is controlled by a mobile station signaling gateway/SAC system 303 includes a gateway HLR 

service provider. Such service providers frequently maintain 40 304, a gateway/SAC unit 306, and a gateway VLR 308. The 

billing records and identify the level of service for each MS operation of one type of gateway unit is described in 

102. In the preferred embodiment of the present invention, co-pending U.S. patent application Ser. No. 08/672,662, 

the service provider maintains control of the sensitive filedby Michael Gallagher etal. on 28 Jun. 1996, entitled "A 

authentication information. In order to increase the security Signaling Gateway System and Method", that was incorpo- 

of the authentication process, only the MS 102 and the 45 rated by reference above. Another benefit of the communi- 

SAMS 204 store the sensitive authentication information in cation system using the signafing gateway/SAC system 303 

the preferred embodiment of the present invention. in comparison to conventional systems, is that when a 

FIG. 3 is an illustration of an example of a cellular service provider that is located in a system that does not 

network including a signaling gateway disposed between the support authentication, e.g., the service provider of system 2 

first and second systems, the signaling gateway can be 50 (using the IS-41B protocol) the communication system can 

coupled to several A-key management systems that are still support authentication if the signaUng gateway/SAC 

controlled by a service provider according to the preferred system 303 handles the authentication functions, as 

embodiment of the present invention. The cellular network described below. 

includes an IS-41C visited system having two base stations FIG. 4 is a more detailed illustration of the authentication 

(BSs) 312A-B, and two mobile switching centers/visitor 55 center and the A-key management system according to the 

location registers (MSC/VLR) 302A-B. Each MSC/VLR preferred embodiment of the present invention. A SAC 206 

302 is connected to a signaling network, e.g., the signahng is coupled to one or more SAMS 204. The SAC 206 can be 

system 7 (SS7), described above. The SS7 108 is disposed local, as illustrated in FIG. 2, or centraHzed by being part of 

between the visited system and a home system. The home or configured to operate with a signaling gateway/SAC 

system is the system that includes the home location register 60 system 303, as illustrated in FIG. 3. The SAC 206 includes 

(HLR) 310B for a particular mobile station (MS) 102. Since a SAC memory module 402, which can be a conventional 

the MS 102 can be physically located outside an area non-volatile storage device, that can include a counter unit 

supported by the home system, BSs 104A-B of other 404, a validator unit 406, a SAC operations, administration, 

systems can receive the electromagnetic signals transmitted maintenance, and provisioning (0AM &P) unit 408 which is 

from the MS 102. The system in which these BSs 104A-B 65 a user interface that enables a SAC administrator to perform 

are located is called the visited system. As described above, administrative and maintenance operations on the SAC 206, 

in order to provide a proper accounting of the costs involved for example, a service qualification unit 410, a network 
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interface unit 412, an authentication unit 414, a random present invention is described with respect to generating and 

number generation unit 416, an MS identification data unit programming the A-key into the MS 102 and the SAMS 204. 

420, and a SAMS interface unit 422. The SAC 206 also It will be apparent to persons skilled in the art that alternate 

includes a conventional processor 424, e.g., an Alpha micro- or additional data can be generated and programmed using 

processor that is commercially available from Digital Equip- 5 the technique described herein. 

ment Corporation (DEC), Palo Alto, Calif., and a conven- piG. 6 is an illustration of an MS 102 according to the 

tional input/output (I/O) controller 426. The operation of the preferred embodiment of the present invention. The MS 102 

SAC 206 will be described in greater detail below. includes a conventional I/O controller 602 for receiving, 

The SAMS 204 includes a conventional processor 444, inter alia, signals from the validator unit, a mobile station ID 

e.g., an Ultra Enterprise server, that is commercially avail- unit 610 that stores the unique electronic serial number 

able from Sun Microsystems, Inc., Mountain View, Calif., a (ESN) and mobile identification number (MIN) of the MS 

conventional I/O controller 446 and a SAMS memory 102, a transceiver unit 608 for transmitting signals to and 

module 430. The SAMS memory module 430 can be a receiving signals from various BS's 104, 312, a conven- 

conventional non-volatile storage device and includes a tional processor, and an MS memory module 604. The MS 

SAMS OAM&P unit 432 that is a user interface to the 15 memory module 604 can be a conventional storage device 

SAMS to enable a SAMS administrator to search the SAMS that includes the following non-conventional functional 

204, if authorized to do so, and perform various adminis- units in the form of, for example, computer programs. The 

trative and maintenance operations and to generate reports MS memory module 604 includes an authentication data 

concerning A-keys or validator units, for example, an A-key unit 622, an authentication unit 618, and a random number 

generation/distribution unit 434, a SAC interface unit 436, a 20 generation unit 614. The operation of the MS 102 when 

validator and modem interface unit 438, an authentication operating with the A-key distribution system and when 

information unit 440, a random number generation unit 441, operating with the mobile communication systems is 

and a shared secret data (SSD) generation unit 442. As described below. 

described above, one feature of the present invention is the xhe operation of the A-key distribution system is now 
generation and programming of an A-key in the SAMS 204 25 described with reference to FIGS. 5-7. FIG. 7 is a flowchart 
and the MS 102. In order to perform this function, the SAMS illustrating the process of securely and automatically pro- 
204 is coupled to an A-key distribution system 450 which is gramming an A-key into a mobile system. As described 
now described. above, each operating MS 102 typically includes sensitive 
FIG. 5 is a more detailed illustration of the A-key man- authentication data such as the ESN and the A-key. The 
agement system, e.g., the SAMS, and the A-key distribution 30 present invention provides a system and method for gener- 
syslem including the automatic A-key programmer 506, e.g., ating and storing all or a subset of the sensitive authentica- 
validator unit 506 that is commercially available from tion information. The generation of the A-key, for example, 
Synacom Technology, Inc., San Jose, Calif., according to the can be performed when the MS 102 is purchased or when it 
preferred embodiment of the present invention. The valida- is advantageous to replace an old A-key, for example. The 
tor unit 506 includes a conventional modem 508, a conven- 35 example set forth below will describe the situation where the 
tional I/O controller 510, and a validator unit memory A-key is programmed at the point of sale. After selling the 
module 512. The validator unit modem is coupled to the MS 102 to a user, the MS 102 is typically activated by a 
SAMS modem 502 via a network, e.g., the public switched salesperson or clerk at the point of sale. Currently, the 
telephone network (PSTN) 504. The SAMS memory mod- activation process can include placing a telephone call to the 
ule 512 includes an A-key generation/distribution unit 514, 40 service provider and identifying the ESN of the MS 102 
a control module 518, an MS interface 520, a system along with any other sensitive authentication information, 
maintenance module 522 , a system administration module The service provider will record this information, provide 
524, and a PSTN interface 526 which enables the validator the necessary sensitive authentication information to the 
unit to communicate with the PSTN via a conventional sales agent who programs the MS 102 with the sensitive 
analog telephone interface, e.g., an RMl interface. The I/O 45 authentication information. The sales clerk verifies the 
controller 510 can also be coupled to an MS 102 using an completion of the programming to the service provider and 
interface defined by the MS manufacturer and is stored in the the service provider activates the MS 102 in its system. In 
MS interface 520. The operation of the A-key distribution the preferred embodiment, the clerk will connect 702 the MS 
system is described below. The system administrator module 102 to the validator unit 506 and will initiate 704 a secure 
524 enables a user to set or modify the telephone number of 50 connection between the validator unit 506 and the SAMS 
the SAMS 204, to set or modify the terminal location 204 using encrypted signals. After establishing a connection 
identifier, to add or modify a terminal identifier, to alter an the vafidator unit control module 518 generates an A-key 
administrator password, and to perform other administrative generation request signal. The PSTN interface 526 formats 
functions. The system maintenance module 522 enables a the signal and the modem 508 modulates the digital signal 
validator unit administrator (not shown) to modify the 55 to an analog signal and transmits the signal over the PSTN 
hardware or software and to perform other maintenance 504. A modem or, preferably, a conventional bank of 
operations. modems 502, e.g., the U.S. Robotics Total Control Enter- 
As described above, an MS 102 is more secure if at least prise Network Hub that is commercially available from U.S. 
some sensitive authentication data is not preprogrammed Robotics, Skokie, 111. The modems 502 convert the received 
into the MS 102. In addition, it is preferable that a clerk at 60 signals to digital signals which are received by the SAMS 
a point of sale terminal does not have access to the sensitive I/O controller 446 and interpreted by the validator and 
authentication information when the MS 102 is being pro- modem interface unit 438 which determines that the 
grammed. The present invention satisfies these conditions. It received signal is an A-key generation request signal. The 
is preferable that an MS 102 be programmed (or A-key generation/distribution unit 434 uses a protocol that, 
re-pro grammed) with sensitive authentication information at 65 without any prior arrangements, can generate an agreed 
the point of sale of the MS 102. This will enable the MS to upon secret key that is known only to the validator unit 506 
be quickly activated with the authentication feature. The and SAMS 204. This secret key can then be used to encrypt 



06/11/2002, EAST Version: 1.03.0002 



5,850, 

9 

the communication signals sent between the validator unit 
504 and SAMS 204 \ising an encryption algorithm. 

In the preferred embodiment, the validator unit 506 and 
SAMS 204 use the DifEe-Hellman public key algorithm is 
used to generate a secret key for use in the RC4 encryption ^ 
algorithm. It will be apparent that alternate secret key 
generation and encryption techniques can be used without 
departing from the scope of the present invention. A more 
detailed description of the DifiBe-Hellman algorithm is found 
in W. Diffe and M. E. Hellman, "New directions in 10 
Cryptography/' IEEE Transactions on Information Theory, 
V. IT-22, n.6, November 1976, pp. 644-654. The Diffie- 
Hellman key algorithm provides a method for two parties to 
each compute the same secret key without exchanging secret 
information. Its security stems from the diflSculty of com- ^5 
puting discrete logarithms modulo a prime number. It takes 
little lime to exponentiate modulo a prime number, but much 
more lime to compute the inverse, i.e., the discreet loga- 
rithm. The A-key generation/distribution unit 434 in the 
SAMS 204 generates the Diffie-Hellroan mw) parameters. 20 
e.g., a prime number (p) having a length of "k" bytes, and 
an integer (g) that is greater than zero but less than "p", that 
is called the base. The A-key generation/distribution unit 
434 then randomly or pseudo-randomly generates a private 
value (x), whose value is greater than zero but less than "p", 25 
and computes a public value "y" according to equation (1). 

y=g' modulo p Equation (1) 

The A-key generation/distribution unit 434 then transmits 
its public value (y) and the DH parameters (p and k) to the 
validator unit 506. The validator A-key generation/ 
distribution unit 514 then calculates its public value (y') and 
private value (x') based upon the DH parameters. The 
validator A-key generation/distribution unit 514 then gen- 
erates the secret key (Z) in accordance with equation (2). 

Z=(y)* modulo p Equation (2) 

40 

The validator A-key generation/distribution unit 514 iden- 
tifies 706 the ESN of the MS 102 by reading the information 
from the MS identification unit 610. The validator A-key 
generation/distribution unit 514 then encrypts the ESN of 
the MS 102 using the RC4 encryption algorithm. The RC4 
encryption algorithm is described in greater detail in K. R. 
Slamberger, "The RC2 and RC4 Exportable Encryption 
Algorithms," RSA Data Security, Inc. (Feb. 12, 1993). In 
general, the RC4 algorithm is a symmetric stream encryp- 
tion algorithm, A stream cipher processes the input data a 
unit at a time. A unit of data is generally a byte, or bit. In this 
way, encryption or decryption can execute on a variable 
length of input. The algorithm does not have to wait for a 
specified amount of data to be input before processing, or 
append and encrypt extra bytes. RC4 is actually a keyed 
pseudo-random sequence. It tises the provided key to pro- 
duce a pseudo -random number sequence which is logically 
combined using an exclusive-OR (XOR) operation with the 
input data. As a result the encryption and decryption opera- 
tions are identical. The number of key bits is variable and 
can range from eight to 2048 bits. 

The unencrypted public value (y') and the encrypted value 
of the ESN are then transmitted 708 to the SAMS 204. The 
SAMS A-key generation/distribution unit 434 generates the 
secret key (Z) in accordance with equation (3). 

65 

2^{y'y modulo p Equation (3) 
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It will be apparent to persons skilled in the art that the 
SAMS 204 and the validator unit 506 have each calculated 
the same value for the secret key without exchanging any 
secret information. The SAMS A-key generation/ 
distribution unit 434 then decrypts the ESN of the MS 102 
using the RC4 algorithm and the secret key (Z). The SAMS 
A-key generation/distribution unit 434 then generates 710 
the A-key. 

In the preferred embodiment the A-Kcy is a 20 digit (64 
bit) random number and a 6 digits checksum. The SAMS 
A-key generation/distribution unit 434 generates a 20-digit 
pseudo-random number based on a random seed. In the 
preferred embodiment the random-seed is the time of day. 
After generating the 20 digit pseudo -random value, the 
A-key generation/distribution unit 434 generates a check- 
sum for an A-key. In a case where the number of digits in the 
pseudo -random number is less than 20, the leading most 
significant digits will be set to zero. The checksum provides 
a check for the accuracy of the A- Key. The 20 A-Key digits 
are converted into a 64-bit representation and along with the 
ESN are input to the TLA standard Cellular Authentication 
and Voice Encryption (CAVE) algorithm that is described in 
TIA, TR45.0.A, Common Cryptographic Algorithms, Revi- 
sion B, May 9, 1995, which is incorporated by reference 
herein in its entirety. The CAVE algorithm generates an 
18-bit result that is the A-Key checksum. The checksum is 
returned as 6 decimal digits. In the preferred embodiment, 
the A-key is the concatenation of the 20 digit pseudo random 
number and the 6 digit checksum. It will be apparent that 
different algorithms can be used to generate the A-key 
without departing from the scope of the present invention. 

After generating 710 the A-key, the SAMS 204 stores 712 
the authentication information, e.g., the A-Key, MS 
information, e.g., the ESN of the MS 102, and additional 
information, e.g., a validator unit identifier to identify the 
validator unit 506, in the SAMS authentication information 
unit 440, which can be in the form of a database, for 
example. The SAMS A-key generation/distribution unit 434 
then encrypts the A-key and transmits 714 the encrypted 
A-key to the validator unit 506. The validator unit 506 
decrypts the signal using the secret key to identify the A-key. 
The validator A-key generation/distributioQ unit 514 along 
with the MS interface 512 and the I/O controller 510 
automatically and securely programs 716 the A-key into the 
authentication data unit 622 of the MS 102. The clerk or 
validator unit operator do not have access to the A-key since 
the validator unit 506 programs the MS 102 without requir- 
ing any intervention from the validator unit operator once 
the connections between the vaUdator unit 506 and the MS 
102 and between the validator unit 506 and the SAMS 204 
have been established. The validator A-key generation/ 
distribution unit 514 can transmit 718 an acknowledgment 
signal to the SAMS 204 to indicate that the A-key program- 
ming operation has been successful. Accordingly, the above 
described system generates and programs an A-key into an 
MS 102 at a remote location, e.g., at the point of sale of the 
MS 102, in a secure manner and without requiring human 
intervention after the connections are established. 

As described above, two topographies in which the 
present invention can operate are illustrated in FIGS. 2 and 
3. In FIG. 2 the SAC 206 and SAMS 204 are local to system 
2 and receive signals via the HLR HOB. In FIG. 3 the SAMS 
204 and the SAC unit, e.g., the SAC in the gateway/SAC 
unit 303, are centrally located in that the authentication 
function can be performed outside of the home system, e.g., 
without authentication signals being received by the HLR 
310B although the SAMS 204 can be located in the home 
system, for example. The present invention operates in both 
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topographies by utilizing the SAMS 204 to maintain and SSD request signal can include a MIN signal, an ESN signal, 

protect all sensitive authentication information while pro- and, optionally, an indication of the authentication algorithm 

viding the necessary information to the SAC 206 or the to be used, e.g., a version number. The SAMS SSD genera- 

gateway/SAC unit 303. The technique for authenticating an tion unit 442 uses these signals to generate an SSD2 value 

MS 102 in each of these topographies is now described. 5 using, for example, the CAVE algorithm. The SAMS 204 

FIG. 8 is a flow chart illustrating an authentication process generates the random number used to generate the SSD2 and 

for a local SAC-SAMS topography according to the pre- transmits the SSD2, and a random number (RANDSSD) 

ferred embodiment of the present invention. The present used to generate the SSD2 that is generated in the random 

invention can be implemented using a variety of techniques. number generation unit 441 in the SAMS 204 to the SAC 

It will be apparent to persons skilled in the relevant art that lO 206, 306 using the SAC interface unit 436 and the I/O 

various changes in the implementation details of the authen- controller 446. If the MS 102 is authentic, the SSD2 value 

ticalion technique can be made without departing from the should be equal to the SSD value generated by the MS 102. 

scope of the present invention. FIG. 8 illustrates the authen- The SAC authentication unit 414 receives signals represent- 

tication process for MSs 102 served by IS -41 based systems ing SSD2, RAND, MIN, and ESN and implements the same 

using the TIA standard Cellular Authentication and Voice 15 authentication algorithm used in the MS 102, e.g., the CAVE 

Encryption (CAVE) algorithm, described above. In the pre- algorithm, using the received signal as inputs, 

ferred embodiment, the MS 102 is authenticated when The authentication procedure described above is accom- 

registering in a new system, e.g., when the MS 102 is turned plished without the SAC 206 receiving or having access to 

on or when the MS 102 transitions between two systems, sensitive authentication information, e.g., the A-key. 

e.g., two MSCs, In addition, the MS 102 can be authenti- 20 FIGS. lOA-B are flow charts illustrating an authentica- 

cated when originating a call on the cellular network. It is tion process for a centralized SAC-SAMS topography 

envisioned that the authentication procedure can also be according to the preferred embodiment of the present inven- 

implemented at other times. tion. A more detailed description of the authentication pro- 

The MS 102 generates 802 an SSD signal using the cess is set forth in U.S. patent application Ser. No. 08/672, 
authentication unit 618. The value of the SSD signal can be 25 662, filed by Michael Gallagher et al. on 28 Jun. 1996, 
stored in the authentication data unit 622. The system entitled "A SignaUng Gateway System and Method", that 
serving the MS 102, e.g., the visited system, transmits 803 was incorporated by reference above, 
a global challenge indicato r and a random number, e.g., Another feature of the present invention is that if an MS 
RAND, to the MS 102. In response to the global challenge 102 roams outside of the home system, e.g., if the MS 102 
signal, the MS generates 804 an authentication signal 30 re gisters with an MS C/VLR in a visited system that supports 
(AUTHR) using the authentication program, e.g., the CAVE features not supported by the MS home system such as 
algorithm described above. The authentication program can authentication, the present invention enables the MS 102 to 
have the SSD signal, the MIN signal, the ESN signal, and the utilize these additional features. FIG. 3 is an illustration of 
RAND signal as inputs. T he MS 102 then transmits 806 the an example of a cellular network including a signaling 
determined authentication signal to the serving system, e.g .. 35 gateway according to the preferred embodiment of the 
to the MS C/VLR 106A^ 302A of the visited system . The present invention, where features supported by a visited 
MSC/VLR 106A, 302Aof the serving system transmits 807 system are not supported by a home system. An example of 
the authentication signal (AUTHR) and the random number two signaling protocols that support different features is the 
(J^ AMD) tn the SAC 206, 306 via the HLR HOB of the home IS-41B and IS-41C signaling protocols. The IS-41C signal- 
system or the gateway HLR 304 of the gateway/SAC system 4 0 ing protocol supports mobile station authentication in addi- 
303, for example. If the SAC 206, 306 does not have a value tion to other features not supported by the IS-41B signaling 
for the SSD or if the SAC 206, 306 wants to update the SSD protocol such as voice privacy, i.e., air interface channel 
signal, the SAC 206, 306 transmits 809 an SSD request encryption, subscriber PIN access and subscriber PIN inter- 
signal 808 to the SAMS 204. The SAMS 204 calculates the cept protection, and flexible alerting, e.g., calling one num- 
SSD2 value using the sensitive authentication information 45 ber results in calls to multiple locations. With respect to FIG. 
and the authentication algorithm, e.g., the CAVE algorithm, 3, an MS 102 having a home system HLR 310B commu- 
and transmits 809 the SSD2 signal to the SAC 206, 306 nicates with BS 312A and MSC/VLR 302A in the visited 
which stores the SSD2 value in the MS identification data system. The visited system can include one or more addi- 
unit 420. The SAC 206, 306 then calculates 810 an authen- tional BS 312B and MSC/VLR 302B. The MSC/VLRs 302 
tication signal (AUTHR) using it*s stored value of the SSD2, 50 in the visited system each support the IS-41C signaling 
MIN, ESN, and the RAND signal as inputs to the authen- protocol while the HLR 310B of the home system only 
ticalion algorithm, e.g., the CAVE algorithm. The SAC 206, supports the IS-41B signaling protocol and not the IS-41C 
306 determines whether the authentication signal received signaling protocol. The HLR 310B in the home system and 
from the MSC/VLR 106A, 302A matches the authentication the MSC/VLRs 302 in the visited systems communicate via 
signal calculated by the SAC 206, 306 and generates 811 55 an SS7 signaling network 108, described above. A signaling 
either a "pass" or "fail" result signal based upon this gateway/SAC system 303 is coupled to the SS7 signahng 
determination. The SAC 206, 306 then transmits 812 the network 108 as illustrated in FIG. 3. The signaling gateway/ 
result signal to the MSCA^LR 106A, 302A of the serving SAC system 303 includes a gateway/SAC unit 306, a 
system which transmits 814 an a uthenticated si gnal or a gateway HLR 304, and a gateway VLR 308. The signaling 
not-authenticated signal to the MS 102 based upon the result 60 gateway is described in greater detail below, 
signal FIG. 9 is a more detailed illustration of the signaling 

One feature of the present invention is that the SAC 206 gateway/SAC system 303 of the present invention which 

independently determines the value of the authentication permits a first mobile station to utilize features supported by 

signal without having access to sensitive authentication the visited system but not supported by the home system, 

information, e.g., the A-key. As described above, in the 65 e.g., an authentication feature. The gateway/SAC unit 306 

preferred embodiment, the SAC 206 requests 808 that the includes a SAC 902, a feature support unit 904, a data unit 

SAMS 204 generate a shared secret data signal (SSD2). This 906, a processor 908, a controller 909, a network monitoring 
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unit 910, a subscriber unit 912, a network data unit 914, and 
a call processing unit 916. The gateway HLR 304 can 
include one or more of a DCS 1900 HLR data unit 918, an 
IS-41C HLR data unit 920, and a System 3 HLR data unit 
922, for example a IS-41B HLR data unit. In alternate 5 
embodiments, the gateway HLR 304 can have more than 
three HLR data units. In the example illustrated in FIG. 3, 
the gateway HLR 304 is a HLR from the perspective of the 
visited system MSCA^LR 302. It is a HLR because the 
gateway HLR 304 performs the functions of a HLR from the lo 
perspective of the visited system MSCA'LR 302, For 
example, the visited system MSCA^LR 302A transmits 
signals to the gateway HLR 304 and receives signal from the 
gateway HLR 304 as if the gateway HLR were the HLR in 
the home system, e.g.,. HLR 310B. The gateway VLR 308 15 
can include one or more of an IS-41B VLR data unit 924, a 
DCS1900 VLR data unit 926, and a system 3 VLR data unit 
928, for example, an IS-41C VLR data unit 928. In alternate 
embodiments the gateway VLR 308 can have more than 
three VLR data units. In the example illustrated in FIG. 3, 20 
the gateway VLR 308 is a VLR from the perspective of the 
home system HLR 310B. It is a VLR because the gateway 
VLR 308 performs the functions of a VLR from the per- 
spective of the home system HLR 310B. For example, the 
home system HLR 310B transmits signals to the gateway 25 
VLR 308 and receives signal from the gateway VLR 308 as 
if the gateway VLR were the VLR in the MSCA'LR 302A 
of the visited system. 

In the preferred embodiment, the SAC 902, feature sup- 
port unit 904, the data unit 906, the controller 909, the 30 
network monitoring unit 910, the subscriber unit 912, the 
network data unit 914, and the call processing unit 916 are 
located in a storage device, e.g., a conventional non-volatile 
random access memory (RAM) module that when operated 
upon by the processor 908 operate in a non-conventional 35 
manner, e.g., they can be a computer readable medium 
having a computer program stored therein wherein the 
process performed by the computer program is as described 
herein. The data unit 906 receives and stores signals from the 
gateway HLR 304 and the gateway VLR 308. The network 40 
monitoring unit 910 monitors the signals transmitted 
through the signahng gateway/SAC system 303 and gener- 
ates performance statistics, e.g., the number of messages. 
The controller 909 controls the operation of the signaling 
gateway/SAC system 303 including identifying and control- 45 
ling data bus access and communicating with the elements 
in the gateway/SAC unit 306, the gateway HLR 304, and the 
gateway VLR 308 to control the timing and sequence of the 
procedures performed by signaling gateway/SAC system 
303. The controller 909 also controls the operation of the 50 
SAC 902 and the feature support unit 904. 

The subscriber unit 912 performs an interfacing function 
between the protocol of the visited system and the protocol 
of the home system. A more detailed description of the 
functions performed by the subscriber unit is set forth below. 55 
The network data unit 914 stores network information, for 
example the address of the signaling gateway/SAC system 
303, the address of the gateway HLR 304, the address of the 
gateway VLR 308, and the address of the SAMS 204. The 
call processing unit 916 performs the routing functions for 60 
the signaling gateway, for example the call processing unit 
916 converts call routing requests from the home system 
into call routing requests of the visited system and the 
conversion of response signals from the visited system to the 
home system. 65 

The gateway HLR 304 can include multiple HLR data 
units in order to provide HLR services to a visited system 
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supporting one of a variety of signaling protocols. For 
example, the DCS1900 HLR data unit 918 performs HLR 
functions for a visited system that supports the DCS 1900 
signaling protocol. The IS-41C HLR data unit 920 performs 
HLR functions for a visited system that supports the IS-41C 
signaling protocol. The system 3 HLR data unit 922 per- 
forms HLR functions for a visited system that supports a 
different signaling protocol, e.g., the IS-41B signahng pro- 
tocol. Similarly^ the gateway VLR 308 can include multiple 
VLR data units in order to provide VLR services to home 
systems supporting one of a variety of signaling protocols. 
For example, the DCS1900 VLR data unit 926 performs 
VLR functions for a home system that supports the 
DCS1900 signaling protocol. The IS-41B VLR data unit 924 
performs VLR functions for a home system that supports the 
IS-41B signahng protocol. The system 3 VLR data unit 928 
performs VLR functions for a home system that supports a 
different signaling protocol, e.g., the 1S-41C signahng pro- 
tocol. The operation of the gateway HLR 304 and the 
gateway VLR 308 are described in greater detail below. In 
alternate embodiments the signaling gateway/SAC system 
303 performs similar functions however the imit that per- 
forms each function differs. That is, the functions performed 
by the gateway HLR 304, the gateway/SAC unit 306, and 
the gateway VLR 308 may be modified without departing 
from the spirit and scope of the present invention. 

The SAC 902 communicates with the SAMS 204 and 
together they perform the MS authentication, as described 
above with respect to the local SAC topography of FIG. 2. 
The home SAMS 204 includes a mobile identification 
number (MIN), an electronic serial number (ESN) and an 
authentication key (A-key) that are unique to each MS 102, 
as described above. The SAC 902 can implement a conven- 
tional authentication procedure, for example, the authenti- 
cation procedure in the IS-41C protocol that was incorpo- 
rated by reference in its entirely above. However, in the 
preferred embodiment the SAMS 204 generates the SSD2 
signal and transmits this signal to the SAC 902 in response 
to an SSD request signal from the SAC using the procedure 
described above, for example. Therefore, the gateway/SAC 
system 303, which is centralized and can be connected to 
many SAMS 204, does not have access to the sensitive 
authentication information, e.g., the A-key, The present 
invention operates using the technique described below with 
respect to FIG. 10a and FIG. 10b. In order for the MS 102 
to utilize a feature in the IS-41C signaling protocol that is 
not available in the IS -4 IB protocol supported by the home 
system, the signaling gateway/SAC system 303 authorizes 
the use of the functions based upon service information 
received from the HLR 310B. Specifically, the SAC 902 
performs the authentication functions normally performed 
by an HLR/AC of the home system, and the feature support 
unit 904 performs additional functions normally performed 
by the HLR/AC of the home system. With respect to FIG. 
10a, the SAC 902 generates the authentication commands 
and responses during step 1016, i.e., it generates a response 
signal. Similarly, the feature support unit 904 generates the 
additional feature commands and responses during step 
1016, Some examples of the operation of the SAC 902 are 
described below, 

FIG. lOfl is a flowchart illustrating the process of the 
signaling gateway when receiving a signal from a visited 
system according to the preferred embodiment of the present 
invention. FIG. lOa will be described with reference to the 
communication system illustrated in FIG. 3 and the signal- 
ing gateway system 303 described in FIG. 9. In this example 
the home system of the MS 102 includes the IS-41B HLR 
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310B. The MS 102 is out of range of the home system and cient solution since system components, e.g., BS's, HLR's, 

is in range of the IS-41C BS 312 A that supports the AMPS and MSCA^LR's, do not need to be modified when authen- 

IS-41C protocol. However, since the IS-41B protocol does tication protocols are modified. Instead the gatcway/SAC 

not support authentication, for example, conventional system 303 transparently handles the functions, e.g., 

mobile communication systems are not capable of having 5 authentication, and updates can be implemented by modi- 

the MS 102 utihzc the authentication feature supported by fying only the gateway/SAC system 303, In addition, the 

the visited system. As described above, in high risk areas, centralized gateway/SAC system 303 is more secure than 

e.g., in large cities, cellular phone fraud occurs more fre- conventional systems since the SAC 902 does not have 

quently when no authentication procedure is utilized. As access to sensitive authentication information, e.g., the 

indicated above, the signaling gateway/SAC system 303 of lo A-key, as described above. 

the present invention solves this problem. The IS-41C HLR FIG. 10b is a flowchart illustrating the process of the 

data unit 920 in the gateway HLR 304 receives 1002 a signal signaling gateway when receiving a signal from a home 

from the MSC/VLR 302A of the visited system (IS-41C system according to the preferred embodiment of the present 

system). The IS-41C HLR data unit 920 performs the invention. FIG. 106 will be described with reference to the 

functions of a conventional HLR in the home system of the 15 communication system illustrated in FIG. 3 and the signal- 

MS 102. For example, the IS-41C HLR data unit 920 ing gateway/SAC system 303 described in FIG. 9. HG. lOa 

manages the communication with the MSC/VLR 302A, and illustrates the situation when the visited system transmits a 

considers the gateway/SAC unit 306 as a logical database signal to the signaling gateway. FIG. 10b illustrates a signal 

and a source of various service requests, e.g., for OA&M transmission in the opposite direction. That is, the HLR 

and call routing. The IS-41C HLR data unit 920 requests 20 310B of the home system transmits a signal to the signaling 

information from the data unit 906 in the gateway/SAC unit gateway/SAC system 303. The IS-41B VLR data unit 924 in 

306. Thereafter, the controller 909 gives program control to the gateway VLR 308 receives 1022 a signal from the HLR 

the subscriber unit 912 which determines 1004 if the 310B of the home system (IS-41B system). The IS-41B 

gateway/SAC unit 306 has the requested information, if the VLR data unit 924 transmits the signal to the data unit 906 

signal received from the visited system is compatible with 25 in the gateway/SAC unit 306. The IS-41B VLR data unit 924 

the home system, and if the MS 102 a subscriber to the performs the functions of conventional VLRs. For example, 

gateway service. If so, the subscriber unit 912 sends an the IS-41B VLR data unit 924 manages the communication 

appropriate signal to the IS-41B VLR data unit 924. The with the home system HLR 310B, it also considers the 

IS-41B VLR data unit 924 then transmits 1006 the signal to gateway/SAC unit 306 as a logical database, a logical MSG, 

the home system HLR 310B and the process continues with 30 and a source of various service requests, e.g., for OA&M 

step 1014, which is described below. and feature requests. The controller 909 gives program 

If the signal is not compatible with the home system, for control to the subscriber unit 912 which determines 1024 if 

example, if the MSC/VLR 302A transmits an authentication the signal received from the home system is compatible with 

request signal, the subscriber unit 912 determines 1008 if a the visited system. If the received signal is compatible with 

signal is to be transmitted to the home system. This deter- 35 the visited system the subscriber unit sends an appropriate 

mination is based upon the type of signal received from the signal to the 1S-41C HLR data unit 920. The IS-41C HLR 

visiting system. Some considerations in making this deter- data unit 920 then transmits 1026 the signal to the visited 

mination include whether information from the home system system and the process continues with step 1034, described 

HLR 310B is necessary to respond to the signal received below. 

from the visited system, and whether the received signal 40 If the signal is not compatible with the visited system, the 
includes information that should be sent to the home system. subscriber unit 912 determines 1028 if a signal is to be 
If the subscriber unit 912 determines 1008 that a signal transmitted to the visited system. This determination is 
should be sent to the home system HLR 3 lOB, the subscriber based upon the type of signal received from the home 
sends an appropriate signal to the gateway VLR 308. An system, and whether the received signal includes informa- 
appropriate signal is a signal that causes the gateway VLR 45 tion that should be sent to the visited system. If the sub- 
308 to generate a IS-41B signal that will, for example, scriber unit 912 determines 1028 that a signal shoiild be sent 
request the desired information. The gateway VLR 308 to the MSC/VLR 302A of the visited system, the subscriber 
generates 1010 this signal and transmits 1012 the new signal imit 912 determines the appropriate type of IS-41C signal to 
to the home system HLR 310B. generate, and sends an appropriate signal to the IS-41C HLR 
If the subscriber unit 912 determines that the visited 50 data unit 920 which generates 1030 this signal and transmits 
system is expecting a response signal based upon the pro- 1032 the signal to the MSC/VLR 302Aof the visited system, 
tocol utilized by the visited system, e.g., the IS-41C If the subscriber unit 912 determines 1034 that the HLR 
protocol, the subscriber unit 912 sends an appropriate signal 310B of the home system is expecting a response signal 
to the gateway VLR 308 which generates 1016 a response based upon the protocol utilized by the home system, e.g., 
signal and transmits 1018 the response signal to MS 102 via 55 the IS-41B protocol, the subscriber unit 912 sends an 
the MSC/VLR 302A and the BS104Aof the visited system. appropriate signal to the IS-41B VLR data unit 924. The 
If the subscriber unit 912 determines that the signal is an IS-41B VLR data unit 924 then generates 1036 and transmits 
authentication request signal, the subscriber unit 912 trans- 1038 the response signal to HLR 310B of the home system 
mits the signal to the SAC 902. In conjunction with the via the IS-41B VLR data unit 924. It will be apparent that the 
appropriate SAMS 204, the SAC 902 performs the authen- 60 present invention operates between systems using different 
tication procedure described above with reference to the protocols in addition to the IS-41B protocol and the IS-41C 
SAMS 204 and the SAC 206. protocol. The conversion requirements between two prote- 
in an alternate embodiment, the gateway/SAC system 303 cols will be apparent to persons skilled in the relevant art. ^ 
can process all authentication requests or other specified FIG. 11 is an example of a registration signaling process 
feature requests, even if the home system supports authen- 65 including authentication according to one embodiment of 
tication or the specified feature request. TTie centralized the present invention. In FIG. 11 an MSC/VLR 3 02A and the 
location of the gateway/SAC system 303 provides an effi- SAC 902 in the signaling gateway/SAC system 303 perform 
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an authentication procedure. At time A the MSC/VLR 302A 
in the IS-41C system transmits an authentication request 
signal (AUTHREQ) to the gateway/SAC system 303 which 
forwards the request to the SAC 902. The authentication 
request includes an authentication value based upon a global 5 
authentication challenge (GC). The SAC 902 stores an SSD2 
value in the MS identification data unit 420. The operation 
of the SAC 902 is similar to the operation of the SAC 206 
described above. The SAC 902 compares the GC value with 
the value determined based upon tbe authentication algo- lo 
rithm and the MS information, e.g., the MIN, ESN, and the 
SSD2 signals. If the GC matches the value determined by 
the SAC 902, the SAC can identify the MS as authentic or 
it can challenge the MS to generate another authentication 
value. At time B the SAC 902 issues a response to the 15 
authentication signal (authreq[UC]) requesting that the MS 
generate another authentication value. This response signal 
includes a "unique challenge" having a random value and 
the expected response value based upon the effect of the 
authentication procedure on the random value. The random 20 
value is transmitted to the MS 102 which determines a new 
authentication value using the process described above, for 
example. The SAC 902 request an Update/unique challenge 
request in order to update the value of the SSD in the MS 
which can be used when whenever the SSD is to be updated. 25 
The MSC/VLR 302 A compares the new authentication 
value with the expected response value. The MSCA'^LR 
302A transmits an authentication report con miand 
(ASREPORIIUCRPT]) to the SAC 902 at time C indicating 
whether the MS 102 has passed or failed tbe authentica tion 30 
procedure. The SAC 902 acknowledges the message at time 
P using the authentication report response (asre port). If the 
MS 102 is authenticated, the MSCA^LR 302A attempts to 
register the MS 102 at time E by transmitting a registration 
notification signal (REGNOT) to the signaling gateway/ 35 
SAC system 303. If the MS 102 satisfied the authentication 
process, the signaling gateway/SAC system 303 transmits a 
registration notification command (REGNOT) to the HLR of 
the home system at time F. If the MS 102 does not satisfy the 
authentication process the SAC 902 prevents the MS 102 40 
from registering using the technique set forth in a conven- 
tional authentication protocol. After receiving the registra- 
tion notification command (REGNOT), the home system 
HLR 31 OB generates and transmits a registration notification 
response signal (regnot) to the signaling gateway/SAC sys- 
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tem 303. The signaling gateway/SAC system 303 then 
generates and transmits a registration notification response 
signal (regnot) to the MSC/VLR 302A. This completes the 
authentication and registration process of an MS 102 trans- 
mitting through the MSC/VLR 302A. Accordingly, even 
though the home system HLR 310B for the MS 102 was not 
capable of authenticating the MS 102 using the IS-41C 
authentication procedure, the present invention enables the 
MS 102 to utilize this feature while visiting a system 
supporting authentication. In addition, the SAC 902 per- 
forms the authentication procedure without having access to 
sensitive authentication information, e.g., the A-key. 

While the present invention has been particularly shown 
and described with reference to a preferred embodiment, and 
several alternate embodiments, it will be understood by 
persons skilled in the relevant art that various changes in 
form and details can be made therein without departing from 
the spirit and scope of the invention. 

What is claimed is: 

1. A method for securely programming a mobile system 
with sensitive authentication information, comprising the 
steps of: 

connecting the mobile system to a validator unit; 
initiating a connection between said validation unit and a 

secure authentication-key management system 

(SAMS) via a wide area data network; 
securely generating a encryption key in the validator unit 

and the SAMS; 
generating the sensitive authentication information signal 

in the SAMS; 

encrypting the sensitive authentication information signal 
using the encryption key to generate encrypted sensi- 
tive authentication information signal; 

transmitting said encrypted sensitive authentication infor- 
mation signal from the SAMS to the validation unit via 
the wide area data network; 

unencrypting the encrypted sensitive authentication infor- 
mation signal in the vatidation unit to generate said 
sensitive authentication information signal; and 

automatically programming said mobile system with said 
sensitive authentication information signal. 

***** 
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